For When You Can't Have The Real Thing
[ start | index | login ]
start > CentOS > 7 > DSA SSH Hostkeys

DSA SSH Hostkeys

Created by dave. Last edited by dave, 85 days ago. Viewed 123 times. #1
[edit] [rdf]
labels
attachments
(2017-05-25)

Problem

I have a stone-age host monitor thing that is complaining that it can't find agreeable SSH host keys from my CentOS 7 server. Turns out it requires DSA host keys and won't use the other host keys that are available. CentOS 7 by default does not generate DSA host keys because DSA is old and busted.

Solution

In /etc/ssh/sshd_config:

HostKey /etc/ssh/ssh_host_dsa_key

Run:

# ssh-keygen -t dsa -N '' -f /etc/ssh/ssh_host_dsa_key
# chgrp ssh_keys /etc/ssh/ssh_host_dsa_key 
# systemctl restart sshd

Search Engine Bait

Protocol Error: can not agree hostkey

no comments | post comment

Virtual Dave Megaplex:

Internet Explorer 6 Users >>Click Here

(read this note about local search)

Logged in Users: (0)
… and 8 Guests.


Editing: snipsnap-help, Image Macro

(Et auditum est, et idcirco ego nunc simulare)

Installed 6 years and 218 days ago
Powered By >>SnipSnap Version 1.0b1-uttoxeter

This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful:


snipsnap.org | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt